[iOS Enterprise] BrowserSignin: Update policy description

- Updates the BrowserSignin policy description to add iOS-specific information, such that sign-out happens immediately, that browser web sign-in doesn't cause browser sign-in, and that the Force sign-in option isn't supported. - Moves BrowserSignin support from future_on to supported_on for M90. Bug: 1155745 Change-Id: I8ea651dfe45489de8c9337eb6c159245e9ffb774 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2700613 Commit-Queue: Guillaume Jenkins <gujen@google.com> Reviewed-by: Julian Pastarmov <pastarmovj@chromium.org> Cr-Commit-Position: refs/heads/master@{#857334}
Denger-Network · Feb 24, 2021 · 825ce65 · 825ce65
1 parent 4d986db
commit 825ce65
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 7 deletions.
diff --git a/components/policy/resources/policy_templates.json b/components/policy/resources/policy_templates.json
@@ -14071,8 +14071,7 @@
           'supported_on': ['chrome.win:70-', 'chrome.mac:70-'],
         },
       ],
-      'supported_on': ['chrome.*:70-', 'android:70-'],
-      'future_on': [ 'ios' ],
+      'supported_on': ['chrome.*:70-', 'android:70-', 'ios:90-'],
       'features': {
         'dynamic_refresh': False,
         'per_profile': False
@@ -14081,15 +14080,15 @@
       'id': 487,
       'caption': '''Browser sign in settings''',
       'tags': [],
-      'desc': '''This policy controls the sign-in behavior of the browser. It allows you to specify if the user can sign in to <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> with their account and use account related services like Chrome sync.
+      'desc': '''This policy controls the sign-in behavior of the browser. It allows you to specify if the user can sign in to <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> with their account and use account related services like <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync.
 
-      If the policy is set to "Disable browser sign-in" then the user can not sign in to the browser and use account based services. In this case browser level features like Chrome sync can not be used and will be unavailable. If the user was signed in and the policy is set "Disabled" they will be signed out the next time they run Chrome but their local profile data like bookmarks, passwords etc. will stay preserved. The user will still be able to sign into and use Google web services like Gmail.
+      If the policy is set to "Disable browser sign-in" then the user cannot sign in to the browser and use account-based services. In this case browser-level features like <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync cannot be used and will be unavailable. On <ph name="IOS_NAME">iOS</ph>, if the user was signed in and the policy is set to "Disabled" they will be signed out immediately. On other platforms, they will be signed out the next time they run <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph>. On all platforms, their local profile data like bookmarks, passwords etc. will be preserved and still usable. The user will still be able to sign into and use Google web services like Gmail.
 
-      If the policy is set to "Enable browser sign-in," then the user is allowed to sign in to the browser and is automatically signed in to the browser when signed in to Google web services like Gmail. Being signed in to the browser means the user's account information will be kept by the browser. However, it does not mean that Chrome sync will be turned on per default; the user must separately opt-in to use this feature. Enabling this policy will prevent the user from turning off the setting that allows browser sign-in. To control the availability of Chrome sync, use the "SyncDisabled" policy.
+      If the policy is set to "Enable browser sign-in," then the user is allowed to sign in to the browser. On all platforms except <ph name="IOS_NAME">iOS</ph>, the user is automatically signed in to the browser when signed in to Google web services like Gmail. Being signed in to the browser means the user's account information will be kept by the browser. However, it does not mean that <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync will be turned on by default; the user must separately opt-in to use this feature. Enabling this policy will prevent the user from turning off the setting that allows browser sign-in. To control the availability of <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync, use the <ph name="SYNC_POLICY_NAME">SyncDisabled</ph> policy.
 
-      If the policy is set to "Force browser sign-in" the user is presented with an account selection dialog and has to choose and sign in to an account to use the browser. This ensures that for managed accounts the policies associated with the account are applied and enforced. By default this turns on Chrome sync for the account, except for the case when sync was disabled by the domain admin or via the "SyncDisabled" policy. The default value of BrowserGuestModeEnabled will be set to false. Note that existing unsigned profiles will be locked and inaccessible after enabling this policy. For more information, see help center article: https://support.google.com/chrome/a/answer/7572556. This option does not support Linux and Android, it will fallback to "Enable browser sign-in" if used.
+      If the policy is set to "Force browser sign-in" the user is presented with an account selection dialog and has to choose and sign in to an account to use the browser. This ensures that for managed accounts the policies associated with the account are applied and enforced. By default this turns on <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync for the account, except for the case when <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> Sync was disabled by the domain admin or via the <ph name="SYNC_POLICY_NAME">SyncDisabled</ph> policy. The default value of <ph name="GUEST_MODE_POLICY_NAME">BrowserGuestModeEnabled</ph> will be set to disabled. Note that existing unsigned profiles will be locked and inaccessible after enabling this policy. For more information, see help center article: https://support.google.com/chrome/a/answer/7572556 . This option is not supported on <ph name="LINUX_OS_NAME">Linux</ph>, <ph name="ANDROID_NAME">Android</ph> or <ph name="IOS_NAME">iOS</ph>. It will fall back to "Enable browser sign-in" if used.
 
-      If this policy is not set then the user can decide if they want to enable the browser sign in option and use it as they see fit.''',
+      If this policy is not set then the user can decide if they want to enable browser sign-in in the <ph name="PRODUCT_NAME">$1<ex>Google Chrome</ex></ph> settings and use it as they see fit.''',
     },
     {
       'name': 'SSLVersionMin',

diff --git a/docs/enterprise/description_guidelines.md b/docs/enterprise/description_guidelines.md
@@ -14,5 +14,6 @@ how various product names and the like should be referenced.
 * Lacros: `<ph name="LACROS_NAME">Lacros</ph>`
 * Android: `<ph name="ANDROID_NAME">Android</ph>`
 * macOS: `<ph name="MAC_OS_NAME">macOS</ph>`
+* iOS: `<ph name="IOS_NAME">iOS</ph>`
 * Windows: `<ph name="MS_WIN_NAME">Microsoft® Windows®</ph>`
 * Microsoft ActiveDirectory: `<ph name="MS_AD_NAME">Microsoft® Active Directory®</ph>`